Pawost

Pawost is a piece of malware which targets Android devices. The malware hides inside of mobile apps and uses Google Talk to make malicious phone calls using a spoofed phone number with the area code ‘259’. When the app is opened, a blank Google Talk icon appears in the notifications bar and the malware will begin to run. While the malware is placing a call, the phone is put in a partial wake lock, where the screen and keyboard are turned off but the phone’s CPU continues running. Pawost also gathers personal information and encrypts it before sending it to a remote site. The malware will continue collecting information and making outbound calls until it is force stopped. Uninstalling the malicious app will remove the malware from the device. Pawost is believed to be intended to target Chinese Android users, but it is also capable of targeting victims in the US.

Reference in this site to any specific commercial product, process, or service, or the use of any trade, firm or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favoring by the NJCCIC and the State of New Jersey.